www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, Introduction to Network Security, Authentication Applications Information: is defined as “knowledge obtained from investigation, Study or Instruction, Intelligence, news, facts, data, a Signature or Character representing data”. Security: is defined as “freedom from Danger”, or Safety: “Freedom from Fear or Anxiety”. Information Security: “Measures adopted to prevent the unauthorized use, misuse, modification, Denial of use of knowledge, Facts, data or Capabilities”. From the above definition, Information Security does guarantees protection. Computer security: With the introduction of the computer, the need for automated tools for protecting files and other information stored on the computer became evident. This is especially the case for a shared system, and the need is even more acute for systems that can be accessed over a public telephone network, data network, or the Internet. The generic name for the collection of tools designed to protect data and to thwart hackers is computer security. Internet security: Security is affected with the introduction of distributed systems and the use of networks and communications for carrying data between terminal user and computer and between computer and computer. Network security measures are needed to protect data during their transmission. In fact, the term network security is somewhat misleading, because virtually all business, government, and academic organizations interconnect their data processing equipment with a collection of interconnected networks. Such a collection is often referred to as an internet, and the term internet security is used. There are no clear boundaries between the above said forms of security. The OSI Security Architecture: The International Telecommunication Union (ITU) Telecommunication Standardization Sector (ITU-T) Recommends X.800, Security Architecture for OSI, defines a systematic approach. The OSI security architecture provides overview of many of the concepts and it focuses on security attacks, mechanisms, and services. www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, Security attack: Any action that compromises the security of information owned by an organization. Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service. The terms threat and attack are commonly used to mean more or less the same thing and the actual definitions are Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability. Attack: An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. Security Attacks: Security attacks, used both in X.800 and RFC 2828, are classified as passive attacks and active attacks. A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation. Passive Attacks: Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis. The release of message contents is easily understood (Figure 1.3a). A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, confidential information. To prevent an opponent from learning the contents of these transmissions. A second type of passive attack, traffic analysis, is subtler (Figure 1.3b). Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message. The common technique for masking contents is encryption. If we had encryption protection in place, an opponent might still be able to observe the pattern of these messages. The opponent could determine the location and identity of communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. Passive attacks are very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection. www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, Figure 1.3. Passive Attacks Active Attacks: Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: Masquerade, Replay, Modification of messages, and Denial of service. www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, A masquerade takes place when one entity pretends to be a different entity (Figure 1.4a). A masquerade attack usually includes one of the other forms of active attack. For example, authentication sequences can be captured and replayed after a valid authentication sequence has taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by impersonating an entity that has those privileges. Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect (Figure 1.4b). Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect (Figure 1.4c). For example, a message meaning "Allow John Smith to read confidential file accounts" is modified to mean "Allow Fred Brown to read confidential file accounts." The denial of service prevents or inhibits the normal use or management of communications facilities (Figure 1.4d). This attack may have a specific target; for example, an entity may suppress all messages directed to a particular destination (e.g., the security audit service). Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance. www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, The Difference between passive and Active Attacks are summarized as follows. Sl.No Passive Attacks Active Attacks 1 Very Difficult to Detect and Very easy to Detect and Very Measures are Available to difficult to Prevent. prevent their Success 2 The Attacker merely needs to be The Attacker needs to gain able to observe Transmissions. Physical control of a portion of the link and be able to Insert and Capture Transmission. 3 The Entity is unaware of the The Entity gets aware of it, when Attack. attacked. 4 Don’t involve any modification Involve modification of the. www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS www.bookspar.com | VTU NOTES | QUESTION PAPERS | NEWS | RESULTS | FORUMS Introduction to Network Security, Authentication Applications, of the contents of original original contents message. 5 No Such changes The Attacks may be Masquerade Modification Replay DOS Security Services: X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Also the RFC 2828 defines security services as a processing or communication service that is provided by a system to give a specific kind of protection to system resources. Security Services implement security policies and are implemented by security mechanisms. X.800 divides these
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages44 Page
-
File Size-